Holistic Approach of Full Stack Web3 Security, Anouar Ali, Valkyri | ETHSofia 2025

Description

Most protocols today focus narrowly on smart contract audits, overlooking critical layers like backend services, frontend applications, databases, APIs, and third-party integrations. This creates hidden vulnerabilities that attackers can exploit outside the chain. In this talk, we’ll explore the importance of full stack security reviews, highlight real-world blind spots that projects miss, and provide a framework for conducting holistic audits that cover the entire lifecycle of a protocol’s infrastructure from Solidity to servers to the user’s browser. Alix40 is a Germany-based security researcher in Web3 and Web2 who founded the public-good platform SoloAudit.com and is a founding partner at the full-stack security firm Valkyri Sec. This video was recorded during the ETHSofia Conference and Workshops - September 24-25th, 2025. ETHSofia is Bulgaria’s premier crypto event exploring Ethereum technology and blockchain innovation. In 2025, it’s set to unite builders, founders, researchers, investors, and crypto enthusiasts to collaboratively shape the future of Web3. For more information visit our website. Links in our channel.